Vulnerabilities > Barracuda > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-12 | CVE-2019-5648 | Insufficiently Protected Credentials vulnerability in Barracuda Load Balancer ADC Firmware Authenticated, administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows one to edit the LDAP service configuration of the balancer and change the LDAP server to an attacker-controlled system, without having to re-enter LDAP credentials. | 6.5 |
| 2018-12-23 | CVE-2018-20369 | Cross-site Scripting vulnerability in Barracuda Message Archiver 2018 Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. | 6.1 |